SEC-1738: Spring Security Config 3.1.0.RC2 has required dependency on openid4java which requires guice 2.0. #1974

spring-issuemaster opened this Issue May 10, 2011 · 1 comment


None yet

2 participants


Keith Donald (Migrated from SEC-1738) said:

I upgraded to Spring Security 3.1.0.RC2 and found openId4java and guice2.0 on my classpath. My application requires neither. spring-security-config seems to be requiring them and they're coming in transitively. As a workaround, I excluded openid for now.


Rob Winch said:

Thank you for the bug report. I have checked in a fix. I validated the pom that is generated no longer contains a compile time dependency to openid4java which will also eliminate the guice dependency.

@spring-issuemaster spring-issuemaster added this to the 3.1.0.RC3 milestone Feb 5, 2016
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment